Posts About External links

Weekly update, June 15, 2020

Welcome back!

Howdy internet friend and welcome back to my blog! I am stoked because this week marks ten in a row of weekly updates! This wouldn’t be an easy task even if there wasn’t a pandemic, so I’m feeling proud that I managed to accomplish this with everyone else going on in the world. As usual, I’m going to break down this post to personal and professional so it’ll be easy to skip around if you are only interested in what is happening on my island in Animal Crossing, or if you want to see how my programming is progressing. This post should have a little something for everybody! (Not just because it’s really long, although that might have something to do with it.) Also, I’m going to do a little ranting about masks so if you are one of those people who thinks that wearing a mask is a political statement, I would suggest leaving this blog and not coming back. You aren’t going to like what I have to say and I don’t want to share my knowledge with people who are willfully ignorant. If you think that keeping vulnerable people from dying is a political statement, then frankly I don’t have time for you. Is that harsh? Yeah, it is. So is having my loved ones die or be exposed to serious health complications because of selfishness. Being nice doesn’t always work, so if I have to be harsh, so be it.

Wear a mask!

It really annoys me that this is political, but I have to speak out on this subject. For the last two years I’ve lived in Orange County, California. Generally speaking, it is a pretty nice place to live - although the cost of living is out of control. Orange County has a reputation for being one of the more conservative parts of southern California, and this is not undue. In our little apartment complex roughly 90% of the people who live here walk around with masks. Many people let their children play outside every day without masks either. This is really frustrating because we are doing the right thing and being responsible. There are people here at high risk for complications so we are taking extra precautions. Seeing how no one else seems to care really makes me furious. Because of so many threats on the life of the person responsible for pushing the policy, Orange County now is no longer requiring people to wear masks. This is so selfish and shortsighted, not unlike the move of the country to open up during a pandemic. It sucks because it feels like the last three months of doing the right thing to stop the second wave won’t matter, since the first wave has never stopped rising. California was basing the reopenining on science and health officials, but I guess people got tired of doing the right thing so we are just going to throw everything open and let people die. Who the hell cares, right? It’s just old and vulnerable people who are going to die, why should we care about them? Obviously I’m being sarcastic, and it makes me sad that I have to clarify, because there are so many whose actions say just that. “I don’t care if you die, I can’t be asked to wear a mask.” That’s what I see whenever someone is walking around without a mask. A lack of care about anyone besides themselves. Pure selfishness.

I think more than anything else the mask thing makes me sick because it shows how little we care in this country. I thought Americans cared about one another, but this pandemic has me questioning that basic premise. All you have to do is put on a mask (which looks cool and cyberpunk AF) and you can reduce the possibility of transmission of the disease to somewhere in the neighborhood of three percent. However, people find their own selfish reasons about “muh freedom” but the reality is your freedom should never threaten the life or livelihood of others. That’s when it ceases to be a freedom issue and is instead A PUBLIC HEALTH ISSUE. LIKE WEARING A MASK DURING A PANDEMIC FOR WHICH THERE IS NO CURE! I swear I feel like Will Ferrell’s character in Zoolander sometimes, in that it feels like everyone around me is taking crazy pills. Studies have shown that everyone wearing masks can reduce transmission to between 1.5-3%. Just wear the damn mask! It’s not like we are splitting the atom here, just trying to keep people alive and the hospitals from being overwhelmed.

I could keep ranting about this, because the lack of people wearing masks really grinds my gears, but I will stop my rant here. Just please wear a mask! Don’t do it for yourself, do it for the check out clerk who lives with their grandmother. Do you want your selfishness to be responsible for the most vulnearble in our society to die? If the answer is no, just wear the damn mask!

Personal

Since I started with the mask rant, I will slide in to talking about how my week went personally. We made more progress on packing for an upcoming move, which was necessary but not super fun. We spent a bunch of time last weekend playing video games as a family, which is always fun. I bought “Mario Party” before the self-isolation began and we usually play at least once a week. Last week was pretty uneventful so I don’t have much to share on the personal side this week.

Black Lives Matter!

I don’t want to stop talking about this, because it is really important. Black lives matter! I’ve written previously with resources for other white people to educate ourselves on anti-racism, so feel free to check out some of my previous posts for more book suggestions. This week I would suggest checking out anything by Angela Davis. I’m certain you will find benefit as she is an excellent and thoughtful writer and a great speaker. Invest some time reading and digesting what she has to say for your own personal enrichment. Actually, I don’t care what your reason is for picking up a book, just do it! I haven’t regretted reading a book since I finished graduate school, and the only ones I regret reading there were boring and terrible books about barbed wire and crap like that. If you don’t want to read her books, the second result from Googling Angela Davis are interviews she’s done recently. Check them out if you don’t want to read, but do try and spend some time expanding your knowledge this week, particularly about the struggle that Black Americans are going through. Try and develop some empathy this week!

ACNH

This week I actually learned my lesson! I spent around 700k bells on turnips last week and just about lost my ass! I bought the turnips at 90 bells/turnip - the lowest price I’ve ever paid. Then every day on my island the price went down. It started at 80 and by the end of the week was down to 39. I was proud of myself for managing to track all the prices for the week - and I only had to time travel once!

So if you are reading this, you may be saying to yourself, “Dave, sounds like you lost your ass in the stock market last week” and you would be right. However, on Saturday morning the price of turnips on my son’s island went up to 189 bells/turnip and I managed to double my money.

“WOW, that sounds pretty lucky Dave” - you are correct, disembodied voice, it was a lucky week. So lucky, in fact, that I decided not to buy turnips or play the stock market this week. I’ve got a bunch of stuff going on so I decided to skip the stonks this week. In addition to the reason I listed about being busy, I’ve also got over two million bells in the bank and my house is fully upgraded. Which is to say that I don’t really have stuff to spend money on so trying to stack more chips doesn’t make heaps of sense right now. I’m trying not to be selfish, and this week I’m probably going to listen to Isabelle and the people on my island and get rid of some of my trees. I don’t need a riot of fruit trees when I’m already rich. Time to stop being so greedy and make my island a nicer place to live for the other residents of the island (my sons calls them his friends). Now if only the billionaries in our society were willing to do the same. Imagine what we could do if Jeff Bezos, Bill Gates, Amazon, Facebook, or Google paid taxes?! Why, I bet there are all sorts of things we could pay for if billionaries and giant corps paid their fair share in taxes! One of the many things it could pay for is a Universal Basic Income so people could stay at home and not spread the pandemic. But that would require Congress to not pass out billions of dollars to corporations and slash taxes on the rich, which is to say not very likley. It’s also a rant/post for another day.

Hack with your friends!

When I was first starting my journey in offensive security, I made a friend at one of my local meetups. I was living outside Spokane when I started attending DC509 - the local DefCON chapter. While there I learned about Spokane 2600, a much smaller club, and I went to check out one of their meetings out in Spokane Valley. Eventually the location moved to Starbucks slightly closer to me and even though it was about an hour and a half round trip, I started attending the monthly meetings. I became friends with the guy who ran the club and although 2600 only met once a month, we started getting together once a week to work on hackthebox.eu machines and hang out. At this time I was running my own consultancy and spending six days a week improving my skills. Of all the things I did to level up, nothing was more enjoyable that taking time to hack with Acetolyne each week.

When COVID-19 started getting bad in March/April, Spokane 2600 moved their meetings to a virtual format, which gave my buddy and I the chance to start hanging out again. We decided to start doing our weekly sessions and although we don’t meet up every week, it is really great when we do! As I’ve mentioned previously, we are doing our best to self-isolate in the Collins household. Finding time once a week to hang out and chat with a friend has been great for my mental health. I would highly suggest if you are struggling with the self-isolation/quarantine impacts of minimal social time, try to schedule a weekly digital hangout with a friend. They’ve done wonders for me and I imagine they might also be beneficial for you as well.

Professional

Last week was pretty good professionally. I had the opportunity to shadow (which, for the uninitiated, is where you follow and learn the methodology of a team of more experienced consultants) on a web application penetration test. I’ve done a few shadowing engagements before and invested substantial time in learning web application penetration testing, but it was really beneficial to work with two experienced consultants. Not only were they fun to work with, but I learned heaps during the engagement. In fact, I found the engagement to be so beneficial that I invested some time Friday afternoon in writing a letter to each boss and other interested parties of the two dudes I worked with to tell them what a great job they did. After I finished my six month project management engagement I also did the same thing for the guy I worked with.

I think it is really important to use your voice. If I see something really great - someone doing a really good job, going above and beyond the call of duty, something like that, I stop what I’m doing and call out that excellent behavior. Today people spend so much time complaining, and I totally get it. Lots of stuff is terrible right now! However, I like to do what I can to lift people up rather than tearing them down. I’ve found that a rising tide lifts all boats and when you lift people up (even if this isn’t why you should do it) they will often lift you up too!

It’s really easy in the cut throat corporate world to try and step on the necks of everyone around you to get ahead. However, I’ve had my neck stepped on enough times in my career to start looking for an alternative. Each time I reach out to a persons boss they have told me how much they appreciate it. Small gestures like taking the time to let someone’s boss know they did a great job is good for a number of reasons. Even if you just want to be selfish, having people let you know that they appreciate you feels nice! I’m not saying you should do nice things because it will feel good, but I guess it doesn’t really matter why you do nice things, so long as you are doing them. Right? Or is the motivation as important as the action? If you think this is an interesting subject, you can at-tweet me to discuss it, or write a post of your own!

I’m not going to spend more time here telling you why you should build up your coworkers rather than tear them down. For me, I want to get a reputation for being someone who builds people up. Someone who is great on a team. Someone who works hard to make the whole team better. What type of reputation you want to build for yourself is your own business, but it’s worth investing time to think about what type of reputation you want to cultivate.

I wrote something (shocker)

It probably won’t come as a great surprise, but last Friday since I had some free time and I wanted to do something nice for the two dudes I learned from over the last two weeks, I wrote a document to share with them. They are both great at web application penetration testing but neither had done any network penetration testing. So I wrote an outline and then had about a half hour WebEx call with them where I went over my methodology.

I spent some time thinking about it after the call and since I had the bandwidth, I spent the rest of my afternoon expanding the outline in to a document I called, “Popping shells for fun and profit.” I put a few hours in to writing it and it came to around five pages. I did my best to make it fun and share some good resources, while not taking itself too seriously. When I moved on from the MSP I helped build their security offerings, I left a 45 page book with a similiar title explaining how to do open source intelligence gathering (OSINT) as well as how to conduct an external penetration test. It also included the scripts I wrote while working there, as well as a document I wrote about building fake LinkedIN accounts to gather open source intelligence.

This document wasn’t the first time that I wrote something at work without being asked. I feel that writing is one of my strengths and I do my best to incorporate my strengths where I can. While I enjoy the technical stuff, it is not my greatest strength. Instead, since I feel my greatest strength is communication, I do my best to figure out how to leverage my skills and strengths. This might be something you find value with as well, but for now I will leave you with the thought exercise of how to better apply your strengths in the workplace. If you have extra time/bandwidth take on a small writing project and share it when you are done. It’s possible your boss will appreciate the initiative you took. It’s also possible they will get burned, but if your boss gets upset that you took on extra work to better yourself, that might tell you everything you need to know.

People to follow

Here are some tech and non-tech people you might consider following.

Martin Luther King III - The son of Dr. Martin Luther King, Jr.

Bernice King - The daughter of Dr. King

@cetolyne - great friend, awesome programmer, super helpful!

@blenster - cool maker, very positive, well worth a follow!

@GWeessies - very smart person doing interesting research!

Marley - first place champ! Marley is one of the best on Twitter!

Null Coder - another awesome person to keep an eye on!

That’s it for this week!

Thanks for reading to the end! It looks like each week the posts are getting longer, for better or for worse! I hope that you’ve been enjoying what I’ve been writing. If not, feel free to ping me on Twitter and let me know how you think I can improve. Or just stop reading this all together! I’m kidding! I appreciate you taking the time to read this and I hope you have a very nice day!

Click here for the previous post and click here to read what I wrote next